The Indiana Department of Revenue and the Internal Revenue Service (warn of fraudulent e-mails impersonating either revenue agency encouraging individuals to open files corrupted with malware.

These scam e-mails use tax transcripts as bait to entice users to open the attachments. The scam is particularly problematic for businesses or government agencies whose employees open the malware infected attachments, putting the entire network at risk. This software is complex and may take several months to remove.

This well-known malware, known as Emotet, generally poses as specific banks or financial institutions to trick individuals into opening infected documents. It has been described as one of the most costly and destructive malware to date. Emotet is known to constantly evolve, and in the past few weeks has masqueraded as the IRS, pretending to be “IRS Online.” The scam email includes an attachment labeled “Tax Account Transcript” or something similar, with the subject line often including “tax transcript.”

Both DOR and IRS have several tips to help individuals and businesses not fall prey to e-mail scams:

  • Remember, DOR and the IRS do not contact customers via email to share sensitive documents such as a tax transcript.
  • Use security software to protect against malware and viruses, and be sure it’s up-to-date.
  • Never open emails, attachments or click on links when you’re not sure of the source.

If an individual is using a personal computer and receives an e-mail claiming to be the IRS, it is recommended to delete or forward the email to phishing@irs.gov. If the e-mail claims to be from DOR forward the e-mail to investigations@dor.in.gov. Business receiving these e-mails should also be sure to contact the company’s technology professionals.